Phishing, Spear-Phishing, Whaling, and Other Fishy Activities

HOW DO WE PROTECT OURSELVES FROM THESE FISHY ACTIVITIES? FOLLOW THESE FIVE STEPS TO AVOID BEING BAITED.

1. BE SKEPTICAL
Unless you are 100% sure that an email is legitimate, assume it is not. Do not open any attachments that came with it. Do not click any links.

2. DO NOT DISCLOSE ANY SENSITIVE INFORMATION TO ANYONE WHOSE IDENTITY YOU CANNOT VERIFY
Instead, if the email is from someone you know, reach out directly via phone or in person to verify the request is legitimate.

3. KEEP YOUR COMPUTERS, PHONES, TABLETS, AND OTHER ELECTRONIC EQUIPMENT UPDATED
Make sure to install all updates and security patches whenever they become available.

4. TAKE CONTROL AND EDUCATE YOURSELF
Read up on good information security practices. Use complex passwords that are different for every application/website. Ask for help if you have questions. Report suspicious activities.

5. BACK UP YOUR INFORMATION
Take action yourself! Also, be aware of who has access to your personal information, including information on backup media and paper.

We store our digital information in a variety of locations: on our phones, personal computers, tablets, and in the cloud. Sometimes it's not even clear where our information is actually stored or who has access to it. A good example is how Apple tries to create a seamless user experience; in doing so, your personal data is backed up in their cloud and replicated across your devices. Much of that information is sensitive. It shows who we are, who we relate to, how healthy we are, how much money we have in our bank account, and much more.

When your information falls into the wrong hands, you can be exploited. Hackers can either steal money from you directly or block access to your information and demand a ransom for it. The so-called ransomware attacks are a recent example of this on an international scale.

How do hackers gain control over your information? In many cases they target the weakest link. That is usually not your firewall or your anti-virus solution. It is you!

Hackers will try to trick you into doing something that allows them to steal from or blackmail you. Tricks include:

• PHISHING
A technique most of you are already familiar with. Generic emails with malicious attachments or links to websites are sent to potential victims. Clicking any of these might infect your computer, tablet, or phone with a virus.

• SPEAR-PHISHING
This approach is more specific. You might be targeted because of where you live, your age and/or gender, your job, etc. Spear-phishing emails can appear to be coming from a trusted sender. You are more likely to click because the email will contain more personalized information.

• WHALING
This trick is even more targeted. You might be in a role that entails managing payments in our organization. Whaling emails will be carefully drafted and tie into your specific situation to convince you to take action. An email might look like it is from your boss, approving a payment but asking you to send it to a different account number.

These techniques allow a hacker to target a lot of people with a good degree of success. In the past, it was relatively easy to spot suspicious emails because of their poor spelling and bad layout, but today’s messages look much more professional and are much harder to detect.


